On a side note, can you post the error message you get when trying to get the GPG key? I can update my answer to be more complete. Hopefully I can give you some commands to actually fix the issue rather than ignoring it.
–
GithlarOct 12 '12 at 1:51

2 Answers
2

It turns out it was a network problem, which explains the 407 Proxy Authentication errors.

From System Settings I went to Network. I clicked on my proxy connection, selected Configure, and noticed the proxy was set to "Connect Automatically". I disabled the automatic proxy connection and was able to update and install software again without problems.

The reason you're getting this "untrusted" error is because of the GPG key download failure. Modern repositories are signed with a private GPG key and they distribute a public GPG key so that the signature can be verified by end-users.

Theoretically this helps to prevent package downloads in the case that somebody replaces a package on the repository site with an unsigned version (may contain malware, spyware, etc.) This assumes that the "attacker" doesn't have the private GPG key to sign the packages.

So, you're getting the error because of the failed GPG key download. Apt can't verify the integrity of the package signature because it doesn't have the public key available to decrypt it.

Generally, it's not a good idea to download/install unverified software. But if you know the software and trust it, you can go ahead and install it without worries.

Thank you. I've been worried to install it because of this. So do the software maintainers need to update their public GPG key or something. Or is there a problem on my end downloading it?
–
Devi710Oct 12 '12 at 1:53